[cap-talk] network level designation and authorization

coderman coderman at gmail.com
Thu Jun 8 17:42:18 EDT 2006


On 6/8/06, David Hopwood <david.nospam.hopwood at blueyonder.co.uk> wrote:
> ...
> This is so different from how a VPN is normally used that I would suggest
> not describing it as a "VPN", even if the intention is to use crypto
> protocols that are most commonly used to implement VPNs.

fair enough; how would you describe it?  virtual private crossover?
(since this will only be used host-to-host and not in gateway/subnet
fashion).

i'd like to find a better name as VPN conjures up images of perimeter
security which is not the intent.


> There isn't any particular commitment to specific crypto protocols like
> TLS in the high-level design of the web-calculus or CapTP/VatTP, if that
> is what you are worried about.

this was the concern.

providing communication privacy below the service level allows this
layer to be updated or modified according to various needs (for
example, the difficulty upgrading digests in TLS), while the
functionality and security of the capability services is isolated from
these headaches.

regarding CapTP: are the VatIDs thus entirely separate from
communication privacy?  it appears this is the case but the mention of
CapTP for privacy confused me.

also, in the CapTP parameter descriptions[1] i see mention that a
nonce "May be guessable, but must not accidentally collide.".

i have always assumed that the unguessability of nonces was central to
the security of the capabilities / resources they are used to
represent (and also why i am so fond of truly random number generators
in hardware).  is this an oversight or is there some aspect of the
CapTP protocol which makes high order analysis / statistical attacks
against the nonces used not a problem?

thanks again to all for the feedback.

1. http://www.erights.org/elib/distrib/captp/types.html

